Static task: static1
Behavioral task: behavioral1
  Sample: 0549b580c0551cdcbe2ab6d72fa833f27e20e7d45229913a88833cc2ea17ffae.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 0549b580c0551cdcbe2ab6d72fa833f27e20e7d45229913a88833cc2ea17ffae.exe
  Resource: win10v2004-20240226-en
General
Target: 0549b580c0551cdcbe2ab6d72fa833f27e20e7d45229913a88833cc2ea17ffae
Size: 796KB
MD5: 8c5a4cb9128a27a5e31c0130d7452ab0
SHA1: 54dd514e35cc0fe0d33276b6826bcca27ccfddfd
SHA256: 0549b580c0551cdcbe2ab6d72fa833f27e20e7d45229913a88833cc2ea17ffae
SHA512: ddca868c81fbc2919d4ffa832173011ecb6c9d56d8d5cda3b92c08fa24efd1cd55577100c57aaa215b8fda5e97186f6a3f3d3d200fbdb3ec54b37a90f647fb5e
SSDEEP: 12288:owzi8M9XX2hfM24X5iBEpIpv+ummmmmmmmmmmmmO9Qzne:owzi19XGh6iBEpCke
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 0549b580c0551cdcbe2ab6d72fa833f27e20e7d45229913a88833cc2ea17ffae
Files
-
0549b580c0551cdcbe2ab6d72fa833f27e20e7d45229913a88833cc2ea17ffae.exe windows:4 windows x86 arch:x86
5fcba3f772be2dc14dbf9211a8b5b930
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapReAlloc
HeapSize
SetStdHandle
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitThread
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetACP
GetProfileStringA
InterlockedExchange
HeapFree
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetFileType
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
FindNextFileA
SuspendThread
ResumeThread
SetLastError
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindClose
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
WaitForMultipleObjects
SetThreadPriority
FindFirstFileA
CompareFileTime
GlobalAlloc
GlobalReAlloc
GlobalFree
Thread32First
Process32First
Process32Next
OpenEventA
ResetEvent
WaitForSingleObject
FindResourceA
LoadResource
LockResource
SizeofResource
OpenProcess
TerminateProcess
lstrcpynA
GetCurrentThread
LocalAlloc
LocalFree
CreateEventA
SetEvent
CreateMutexA
GetModuleFileNameA
CreateProcessA
LoadLibraryA
GetCurrentProcessId
FreeLibrary
DeviceIoControl
CreateThread
GetCurrentProcess
Sleep
GetVersionExA
GetTickCount
GetCurrentDirectoryA
GetComputerNameA
SetCurrentDirectoryA
GetSystemDirectoryA
SetEndOfFile
GetWindowsDirectoryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
WriteFile
CreateToolhelp32Snapshot
GetLastError
CreateFileA
ReadFile
CloseHandle
OutputDebugStringA
GetVersion
MulDiv
lstrcpyA
lstrcmpiA
GetProcAddress
GetCurrentThreadId
IsBadWritePtr
lstrcmpA
user32
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetWindowPos
RegisterWindowMessageA
IntersectRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
CharUpperA
wsprintfA
GetActiveWindow
DrawFocusRect
CopyRect
SetCapture
InvalidateRect
GetNextDlgGroupItem
TabbedTextOutA
LoadBitmapA
SetCursor
LoadCursorA
PostQuitMessage
LoadMenuA
GetSubMenu
IsWindowVisible
GetAsyncKeyState
FindWindowA
IsWindow
DestroyIcon
GetDesktopWindow
GetWindowRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
EnableWindow
FillRect
ExitWindowsEx
PostMessageA
SystemParametersInfoA
DrawTextA
LoadIconA
CharLowerBuffA
GetForegroundWindow
SetForegroundWindow
SetRect
SetRectEmpty
GetClientRect
ScreenToClient
PtInRect
SendMessageA
GetDC
GetSysColor
GetFocus
GetSystemMetrics
IsWindowEnabled
CallWindowProcA
SetWindowLongA
ClientToScreen
InflateRect
ReleaseDC
OffsetRect
GetWindowDC
DefWindowProcA
GetCapture
GetCursorPos
GetParent
SetTimer
GetTopWindow
GetWindow
UnhookWindowsHookEx
KillTimer
PostThreadMessageA
RegisterClipboardFormatA
ReleaseCapture
MessageBeep
SetWindowsHookExA
GetWindowLongA
GetClassNameA
CallNextHookEx
CopyAcceleratorTableA
GetSysColorBrush
LoadStringA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadAcceleratorsA
DestroyMenu
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
EndPaint
BeginPaint
GetMessageA
TranslateMessage
ValidateRect
CharNextA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
MessageBoxA
GrayStringA
TranslateAcceleratorA
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
CreateSolidBrush
PatBlt
CreateFontIndirectA
SetBkMode
RestoreDC
SaveDC
GetTextColor
CreateBitmap
SetTextColor
GetClipBox
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
LPtoDP
GetMapMode
DPtoLP
GetBkColor
CreateDCA
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
DeleteDC
GetStockObject
GetObjectA
SelectPalette
RealizePalette
GetDIBits
SetBkColor
ExtTextOutA
SelectObject
DeleteObject
CreateDIBitmap
GetTextExtentPointA
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
ImpersonateSelf
LookupPrivilegeValueA
ChangeServiceConfigA
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
OpenProcessToken
shell32
DragQueryFileA
DragFinish
Shell_NotifyIconA
ShellExecuteA
comctl32
_TrackMouseEvent
ord17
oledlg
ord8
ole32
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleInitialize
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
olepro32
ord253
oleaut32
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysAllocStringLen
SysFreeString
VariantTimeToSystemTime
SysStringLen
wsock32
WSACleanup
WSAGetLastError
ioctlsocket
ntohs
sendto
WSAStartup
closesocket
connect
socket
htons
gethostbyaddr
gethostbyname
recvfrom
bind
inet_addr
gethostname
wininet
InternetGetLastResponseInfoA
InternetFindNextFileA
FtpFindFirstFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetCloseHandle
InternetOpenA
iphlpapi
GetIfTable
winmm
timeGetTime
timeSetEvent
timeKillEvent
PlaySoundA
ws2_32
WSACreateEvent
WSACloseEvent
WSAEnumNetworkEvents
WSAResetEvent
WSAWaitForMultipleEvents
WSAEventSelect
WSASetEvent
Sections
.text  Size: 320KB - Virtual size: 317KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 55KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 20KB - Virtual size: 35KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 396KB - Virtual size: 396KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ